2

I'm struggling to install a lets encrypt cert on IBM cloud to enable https access. I checked the cert using keytool and it includes all domains, and it seems valid.

Right now i have two problems:

  1. https is only enabled on the root domain -> https://example.com but not on any of my subdomains including https://www.example.com
  2. the intermediate cert isnt delivered, which means some browsers wont accept it.

I followed this tutorial https://www.ibm.com/blogs/bluemix/2014/09/ssl-certificates-bluemix-custom-domains/ unfortunately it's very old and most probably outdated.

Does anyone know how to do this?

Thanks

Zoran Pandovski
  • 2,312
  • 14
  • 24
Alem Filli
  • 73
  • 1
  • 1
  • 7

1 Answers1

2

If you have the files ready, use the Bluemix CLI and upload them:

bx app domain-cert-add www.example.com -c cert.pem -k privkey.pem -i chain.pem

Then view your certificate:

bx app domain-cert www.example.com

Also, there is a bluemix-letsencrypt Python application that automates the whole process of doing the LetsEncrypt ACME challenge, issuing the certificate and key files (.pem), downloading them, and then uploading to bluemix. All done without taking down your live bluemix app because only /.well-known/acme-challenge/ paths are redirected to the python app, and not all / root calls.

amdelamar
  • 346
  • 3
  • 16
  • hey austin, thanks for your help! IBM support wasnt able to help for weeks! it looks like there is a bug in their frontend. thanks again alem – Alem Filli Apr 22 '18 at 18:59
  • You're welcome. And if `bx` or console website gives any errors like 500 or something, I just try again and again until it succeeds. Sometimes the connection is moot. – amdelamar Apr 23 '18 at 15:47
  • Is there a way to automate cert renewal on IBM cloud? Using "Lets Encrypt", the renewal period is just 90 days... – Qasim Jul 13 '18 at 04:28